Login

GLSA-200804-02 : bzip2: Denial of Service

Medium Nessus Plugin ID 31753

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200804-02 (bzip2: Denial of Service) The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Impact : Remote attackers can entice a user or automated system to open a specially crafted file that triggers a buffer overread, causing a Denial of Service. libbz2 and programs linking against it are also affected. Workaround : There is no known workaround at this time.